Undertow Spring Security

Since Camel 3.3

The Spring Security Provider provides Spring Security (5.x) token bearer security over the camel-undertow component. To force camel-undertow to use spring security provider:

Add the spring security provider library on classpath.
Provide instance of SpringSecurityConfiguration as securityConfiguration parameter into the camel-undertow component or provide both securityConfiguration and securityProvider into camel-undertow component.
Configure spring-security.

Configuration has to provide the following security attribute:

Name

Description

Type

securityFiler

Provides security filter gained from configured spring security (5.x). Filter could be obtained, for example, from DelegatingFilterProxyRegistrationBean.

Filter

Each exchange created by Undertow endpoint with spring security contains header 'SpringSecurityProvider_principal' ( name of header is provided as a constant SpringSecurityProvider.PRINCIPAL_NAME_HEADER) with current authorized identity as value or header is not present in case of rejected requests.